CVE-2008-4392

Name of the Vulnerable Software and Affected Versions djbdns version 1.05

Description The issue allows remote attackers to spoof DNS responses more easily due to the lack of prevention of simultaneous identical outbound DNS queries. This can be demonstrated by a spoofed A record in the Additional section of a response to a Start of Authority (SOA) query.

Recommendations For djbdns version 1.05, consider implementing a mechanism to prevent simultaneous identical outbound DNS queries as a mitigation measure until a patch is available.